CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3033 – Mobatime web application - broken authorisation mechanisms
https://notcve.org/view.php?id=CVE-2023-3033
Incorrect Authorization vulnerability in Mobatime web application allows Privilege Escalation, Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mobatime web application: through 06.7.22. • https://borelenzo.github.io/stuff/2023/06/01/cve-2023-3033.html • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-3032 – Mobatime web application - Arbitrary file upload (RCE)
https://notcve.org/view.php?id=CVE-2023-3032
Unrestricted Upload of File with Dangerous Type vulnerability in Mobatime web application (Documentary proof upload modules) allows a malicious user to Upload a Web Shell to a Web Server.This issue affects Mobatime web application: through 06.7.22. • https://borelenzo.github.io/stuff/2023/06/01/cve-2023-3032.html • CWE-434: Unrestricted Upload of File with Dangerous Type •